Hello, due to the recent GMX mail rejection incident (for which I still don't have a satisfactory explanation from GMX) I've enabled DMARC on our mail server in the hopes of getting better deliverability.
But some of our outgoing mails were rejected, and the aggregate DMARC reports we were getting weren't too helpful (again :-( ) Since this is a completely new area for me, I'm trying to make sense of the report content, and of course I'm trying to adjust our DNS records to limit damage. As far as I understand, the report contains a copy of our published policy as well as records per sending IP. In the report I'm just looking at, it's stated that our domain and subdomain policy is "reject" although I changed it to "quarantine" within the same DNS update in which I changed the rua address from a generic one to a special receiver address, so I know the reporter must have read the new version of the DMARC DNS record because they sent to that special address. The report also claims that SPF failed, although our SPF record included the outgoing mailserver from the beginning, of course. So this report looks like a red herring to me - not enough information to debug what may have been wrong (ok for an aggregate report) but also containing highly questionable data. I'm about to switch off DMARC off again or at least change the policy to "none" as it seems to hurt more than help. What's your experience with reliability of DMARC reports? Mostly helpful? Too much nonsense? Cheers, Hans-Martin _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
